Namecheap can only enable DNSSEC if domain DNS is set to custom DNS server. So I have enabled DNSSEC and set the custom DNS to ns1.box.domain and ns2.box.domain.
And from box.domain/admin > Custom DNS, I have set all the necessary records. I am able to send/receive emails but why the status page complaints that the nameservers with domain registrar are wrong? The complaints are for subdomains (box and mail) created by MIAB. And since MIAB provides a DNS server, why are they not already set? Or how can I set them? I don’t see an option to set a nameserver for subdomains.
Yes I think that’s where I found the Namecheap instructions to setup the nameservers for the root domain.
My question was about the subdomains (mail.domain.tld and box.domain.tld). Since the root domain is pointed to use the DNS server (nsd) provided by MIAB. I don’t see an option to set nameservers (NS record?) for subdomains. I do see other options like A, AAAA, CNAME, etc.
You are right, I missed the NS record option from the dropdown. Upon creating a NS record for mail.domain.tld pointing to ns1.mail.domain.tld I get the following error (leaving subdomain text field empty because I need this for mail.domain.tld).
“NS records can only be set for subdomains.”
Why am I doing this? There is an entry in status check page.
mail.domain.tld
The nameservers set on this domain are incorrect. They are currently [Not Set]. Use your domain name registrar’s control panel to set the nameservers to ns1.mail.domain.tld; ns2.mail.domain.tld.
This is where my confusion is. “…set on this domain are incorrect”. Which domain is it talking about? Is it talking about the root domain (i.e. domain.tld) or the subdomain mentioned in the heading (i.e. mail.domain.tld).
Please check the status page again. Did you create the correct glue and own namesrever records for box.domain.tld. This is usually done by creating 2 glue records (A records ns1.box and ns2.box) and pointing the cutom nameservers at namecheap to the ip address of your MIAB by creating 2 NS records at namecheap (ns1.box.domain.tld and ns2.box.domain.tld).
Check if box.domain.tld under your MIAB status is all green>> If yes
Go ahead delete the sundomian mail.domain.tld.
Start again. Where are you creating the subdomian. Subdomains are added in Custom DNS. Just type the subdomian in front of the domain. And add an A record.
It looks to me from the screenshot above that you are trying to add multiple domains. This is not the same as subdomians. Read the section of the setup guide for adding multiple domains. There is no need of glue records at the registrar for any additional multiple domains.
Explain what you are trying to achieve. And better yet, read the setup instructions.
Do you want to add mail users under a subdomain>> mail.domain.tld >> Then you need to add multiple domains. I am not sure how this is done. Maybe @alento can help.
Report if you are succesful with the subdomain. Why do you need the subdomain?
If you don’t wish to post the status page here>> DM me.
From what I am reading here your goal is to run your MiaB as mail.domain.tld rather than box.domain.tld. Is that correct?
If so re-run setup using the proper subdomain, and change your glue records accordingly. If not, advise what you are trying to do. I’ll also want the domain name to help you, so I can look at what your current settings are. You may PM me.
I’ll reply later in the morning better. But in short for now, nsd DNS server is not propagating my entries to other networks.
I have already created ns1.mail.domain.tld and ns2.mail.domain.tld but yes I didn’t realize that while setting up the box.
My domain is only available from my home network. But I was working from a coffee shop and it couldn’t find it. Google DNS doesn’t find my domains as well.
Please note that I am able to send and receive emails to my gmail address. I am shocked this is working even if my domain is not found at Google DNS (8.8.8.8).
I just went ahead and deleted the nameservers on namecheap and recreated them. I noticed that I was using ns1.box.domain.tld ns2.box.domain.tld instead of ns1.mail.domain.tld and ns2.mail.domain.tld. And now the status checks are green!
I was under the impression that since both box and mail subdomains are pointing to the same server, this should be fine. But I guess having the names right could be important.
The nameservers set on this domain are incorrect. They are currently [Not Set]. Use your domain name registrar’s control panel to set the nameservers to ns1.mail.domain.tld; ns2.mail.domain.tld.
Thank you for your help! I’ll wait for DNS propagation to see if the MTA-STS error goes away.